Gitiles
Code Review Sign In
gerrit.nordix.org / onap / oom / a4275991aff6b4dafb19e57325c04ac0fb811a66 / . / kubernetes / policy / components / policy-distribution / values.yaml
blob: 5cdda2f0b889d6692f788a8dacd57af747ab48ff [file] [log] [blame]
mmis9cb50292018-09-19 00:31:35 +0100[diff] [blame]1# ============LICENSE_START=======================================================
2# Copyright (C) 2018 Ericsson. All rights reserved.
jhh999c2242021-02-24 12:10:02 -0600[diff] [blame]3# Modifications Copyright (C) 2019-2021 AT&T Intellectual Property.
mmis9cb50292018-09-19 00:31:35 +0100[diff] [blame]4# ================================================================================
5# Licensed under the Apache License, Version 2.0 (the "License");
6# you may not use this file except in compliance with the License.
7# You may obtain a copy of the License at
8#
9# http://www.apache.org/licenses/LICENSE-2.0
10#
11# Unless required by applicable law or agreed to in writing, software
12# distributed under the License is distributed on an "AS IS" BASIS,
13# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14# See the License for the specific language governing permissions and
15# limitations under the License.
16#
17# SPDX-License-Identifier: Apache-2.0
18# ============LICENSE_END=========================================================
19
20#################################################################
Dominik Mizyn4aa534f2020-04-14 18:03:53 +0200[diff] [blame]21# Secrets metaconfig
22#################################################################
23secrets:
24 - uid: restserver-creds
25 type: basicAuth
26 externalSecret: '{{ tpl (default "" .Values.restServer.credsExternalSecret) . }}'
27 login: '{{ .Values.restServer.user }}'
28 password: '{{ .Values.restServer.password }}'
29 passwordPolicy: required
30 - uid: apiparameters-creds
31 type: basicAuth
32 externalSecret: '{{ tpl (default "" .Values.apiParameters.credsExternalSecret) . }}'
33 login: '{{ .Values.apiParameters.user }}'
34 password: '{{ .Values.apiParameters.password }}'
35 passwordPolicy: required
36 - uid: papparameters-creds
37 type: basicAuth
38 externalSecret: '{{ tpl (default "" .Values.papParameters.credsExternalSecret) . }}'
39 login: '{{ .Values.papParameters.user }}'
40 password: '{{ .Values.papParameters.password }}'
41 passwordPolicy: required
42 - uid: sdcbe-creds
43 type: basicAuth
44 externalSecret: '{{ tpl (default "" .Values.sdcBe.credsExternalSecret) . }}'
45 login: '{{ .Values.sdcBe.user }}'
46 password: '{{ .Values.sdcBe.password }}'
47 passwordPolicy: required
jhhd4258672020-08-09 12:08:08 -0500[diff] [blame]48 - uid: keystore-password
49 type: password
50 externalSecret: '{{ tpl (default "" .Values.certStores.keyStorePasswordExternalSecret) . }}'
51 password: '{{ .Values.certStores.keyStorePassword }}'
52 passwordPolicy: required
53 - uid: truststore-password
54 type: password
55 externalSecret: '{{ tpl (default "" .Values.certStores.trustStorePasswordExternalSecret) . }}'
56 password: '{{ .Values.certStores.trustStorePassword }}'
57 passwordPolicy: required
efiacor3f7b3752022-11-28 10:38:56 +0000[diff] [blame]58 - uid: policy-dist-kafka-user
59 externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}'
60 type: genericKV
61 envs:
62 - name: sasl.jaas.config
63 value: '{{ .Values.config.someConfig }}'
64 policy: generate
Dominik Mizyn4aa534f2020-04-14 18:03:53 +0200[diff] [blame]65#################################################################
mmis9cb50292018-09-19 00:31:35 +0100[diff] [blame]66# Global configuration defaults.
67#################################################################
68global:
69 persistence: {}
jhhd4258672020-08-09 12:08:08 -0500[diff] [blame]70 aafEnabled: true
mmis9cb50292018-09-19 00:31:35 +0100[diff] [blame]71
72#################################################################
73# Application configuration defaults.
74#################################################################
75# application image
efiacor3f7b3752022-11-28 10:38:56 +0000[diff] [blame]76image: onap/policy-distribution:2.9.0
mmis9cb50292018-09-19 00:31:35 +0100[diff] [blame]77pullPolicy: Always
78
79# flag to enable debugging - application support required
80debugEnabled: false
81
82# application configuration
efiacor3f7b3752022-11-28 10:38:56 +0000[diff] [blame]83config:
84 someConfig: blah
85 kafka:
86 bootstrapServer: strimzi-kafka-bootstrap:9092
87 securityProtocol: SASL_PLAINTEXT
88 saslMechanism: SCRAM-SHA-512
89 authType: simple
90 sdcTopic:
91 pattern: SDC-DIST
92 consumerGroup: policy-group
93 clientId: policy-distribution
mmis9cb50292018-09-19 00:31:35 +0100[diff] [blame]94
Dominik Mizyn4aa534f2020-04-14 18:03:53 +0200[diff] [blame]95restServer:
96 user: healthcheck
97 password: zb!XztG34
98apiParameters:
adheli.tavaresf3656cd2021-11-10 14:54:32 +0000[diff] [blame]99 user: policyadmin
Dominik Mizyn4aa534f2020-04-14 18:03:53 +0200[diff] [blame]100 password: zb!XztG34
101papParameters:
adheli.tavaresf3656cd2021-11-10 14:54:32 +0000[diff] [blame]102 user: policyadmin
Dominik Mizyn4aa534f2020-04-14 18:03:53 +0200[diff] [blame]103 password: zb!XztG34
104sdcBe:
105 user: policy
106 password: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
jhhd4258672020-08-09 12:08:08 -0500[diff] [blame]107certStores:
108 keyStorePassword: Pol1cy_0nap
109 trustStorePassword: Pol1cy_0nap
110
111certInitializer:
112 nameOverride: policy-distribution-cert-initializer
113 aafDeployFqi: deployer@people.osaaf.org
114 aafDeployPass: demo123456!
115 fqdn: policy
116 fqi: policy@policy.onap.org
117 public_fqdn: policy.onap.org
118 cadi_latitude: "0.0"
119 cadi_longitude: "0.0"
120 credsPath: /opt/app/osaaf/local
121 app_ns: org.osaaf.aaf
122 uid: 100
123 gid: 101
124 aaf_add_config: >
jhhd4258672020-08-09 12:08:08 -0500[diff] [blame]125 echo "export KEYSTORE='{{ .Values.credsPath }}/org.onap.policy.p12'" >> {{ .Values.credsPath }}/.ci;
126 echo "export KEYSTORE_PASSWD='${cadi_keystore_password_p12}'" >> {{ .Values.credsPath }}/.ci;
127 chown -R {{ .Values.uid }}:{{ .Values.gid }} $(dirname {{ .Values.credsPath }});
Dominik Mizyn4aa534f2020-04-14 18:03:53 +0200[diff] [blame]128
mmis9cb50292018-09-19 00:31:35 +0100[diff] [blame]129# default number of instances
130replicaCount: 1
131
132nodeSelector: {}
133
134affinity: {}
135
136# probe configuration parameters
137liveness:
138 initialDelaySeconds: 20
139 periodSeconds: 10
140 # necessary to disable liveness probe when setting breakpoints
141 # in debugger so K8s doesn't restart unresponsive container
142 enabled: true
143
144readiness:
145 initialDelaySeconds: 20
146 periodSeconds: 10
147
148service:
149 type: ClusterIP
150 name: policy-distribution
amatthews736bf372021-12-14 16:04:15 +0000[diff] [blame]151 portName: http
jhh59ce22d2019-05-14 17:59:36 -0500[diff] [blame]152 externalPort: 6969
mmis9cb50292018-09-19 00:31:35 +0100[diff] [blame]153 internalPort: 6969
154
155ingress:
156 enabled: false
157
jhhd4258672020-08-09 12:08:08 -0500[diff] [blame]158flavor: small
159resources:
160 small:
161 limits:
162 cpu: 1
163 memory: 4Gi
164 requests:
165 cpu: 100m
166 memory: 1Gi
167 large:
168 limits:
169 cpu: 2
170 memory: 8Gi
171 requests:
172 cpu: 200m
173 memory: 2Gi
174 unlimited: {}
farida azmyc1178372021-04-11 12:55:33 +0200[diff] [blame]175
176#Pods Service Account
177serviceAccount:
178 nameOverride: policy-distribution
179 roles:
180 - read
Rashmi Pujara8b09262022-03-15 21:58:57 -0400[diff] [blame]181
Rashmi Pujara8b09262022-03-15 21:58:57 -0400[diff] [blame]182metrics:
183 serviceMonitor:
184 # Override the labels based on the Prometheus config parameter: serviceMonitorSelector.
185 # The default operator for prometheus enforces the below label.
186 labels:
187 release: prometheus
188 enabled: true
189 port: policy-distribution
190 interval: 60s
191 isHttps: true
192 basicAuth:
193 enabled: true
194 externalSecretNameSuffix: policy-distribution-restserver-creds
195 externalSecretUserKey: login
196 externalSecretPasswordKey: password
197 selector:
198 app: '{{ include "common.name" . }}'
199 chart: '{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}'
200 release: '{{ include "common.release" . }}'
201 heritage: '{{ .Release.Service }}'